Vigil@nce: Firefox, Window spoofing
July 2009 by Vigil@nce
An attacker can create an HTML page that opens a malicious window and
displays a URL which appears to be legitimate.
Severity: 1/4
Consequences: disguisement
Provenance: document
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 27/07/2009
IMPACTED PRODUCTS
– Mozilla Firefox
DESCRIPTION OF THE VULNERABILITY
When a user clicks on an unreachable URL, Firefox displays a page
containing "Address not found. Firefox can’t find the server ...".
An attacker can:
– open a URL containing spaces (not visible), which is therefore
invalid
– display data on this page
– call the stop() method
In this case, Firefox stops before displaying the error message,
and the attacker’s data remain visible.
An attacker can therefore create an HTML page that opens a malicious
window and displays a URL which appears to be legitimate, in order to
deceive the victim.
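From the defender's side, the distinguishing feature of the trick above is a URL that carries invisible whitespace and is therefore invalid, while the visible part looks like a legitimate host. The following Python helper, added here as an example and not part of the Vigil@nce advisory, flags such links in a link scan or proxy log and reports the host a victim would believe they are visiting; the INVISIBLE set and the sample URLs are constructed for this example.

```python
import unicodedata
from typing import Dict, List, Tuple
from urllib.parse import urlsplit

# Code points that are illegal in a URL (RFC 3986 allows no whitespace at all)
# yet render invisibly or nearly so in an address bar. Hypothetical list for
# this example; extend it for your own scanner.
INVISIBLE = {"\u00a0", "\u200b", "\u200c", "\u200d", "\u2060", "\ufeff"}

def is_hidden(ch: str) -> bool:
    """True for whitespace, format (Cf) and space-separator (Zs) code points."""
    return ch.isspace() or ch in INVISIBLE or unicodedata.category(ch) in ("Cf", "Zs")

def hidden_whitespace(url: str) -> List[Tuple[int, str]]:
    """Return (offset, Unicode name) for every hidden character in `url`.
    Any hit means the URL is invalid: the browser never contacts the
    apparent host and lands on its own error page instead."""
    return [(i, unicodedata.name(ch, "U+%04X" % ord(ch)))
            for i, ch in enumerate(url) if is_hidden(ch)]

def assess(url: str) -> Dict[str, object]:
    """Classify a URL taken from a link scan or proxy log.
    `apparent_host` is the host a victim would read off the address bar
    once the hidden characters are ignored; `suspicious` is set when the
    URL carries such characters, i.e. the pattern this advisory describes."""
    hits = hidden_whitespace(url)
    visible = "".join(ch for ch in url if not is_hidden(ch))
    return {
        "url": url,
        "apparent_host": urlsplit(visible).hostname,
        "suspicious": bool(hits),
        "hits": hits,
    }

if __name__ == "__main__":
    # Constructed sample links: one clean, one with an embedded space
    # (the advisory's case), one with a zero-width space inside the host.
    for sample in ("http://www.bank.example/login",
                   "http://www.bank.example/ /login",
                   "http://www.bank\u200b.example/"):
        print(assess(sample))
```

A hit on a link that points at a host you trust is the signal to inspect: a valid link to that host never contains these characters.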
CHARACTERISTICS
Identifiers: BID-35803, VIGILANCE-VUL-8887
http://vigilance.fr/vulnerability/Firefox-window-spoofing-8887